Category:OWASP Security Analysis of Core J2EE Design Patterns Project

Project Roadmap

The project’s overall goal is to...

Be a design-time security reference for developers implementing common patterns independent of specific platforms and frameworks. Pattern usage is ubiquitous in software development, and the best patterns transcend specific languages and/or frameworks; analyzing the most pivotal frameworks in web applications allows us to build security advice that developers will use far in the future. At the same time, analyzing common patterns helps manual penetration testers and source code reviewers understand where to look for vulnerabilities within an application.

Project Identification

PROJECT INFO: What does this OWASP project offer you?

What is this project?

OWASP Security Analysis of Core J2EE Design Patterns Project

Purpose: To analyze popular design and architectural patterns for potential security issues, including advice on common pitfalls to avoid and where in a pattern to implement common security controls. Note that we are not creating new “security patterns” but rather analyzing existing non-security-specific patterns.